Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-06-05 12:44:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

fix(outbound): import ech and pcs from TLS share links

Browse source 
The vless/trojan link parser's TLS branch read only sni/fp/alpn, so the
ech (echConfigList) and pcs (pinnedPeerCertSha256) query params were
dropped on import even though buildStream allocates both fields. Read
them in applySecurityParams to match the inbound link generator and the
hysteria2 parser.
This commit is contained in:
MHSanaei 2026-06-05 11:01:51 +02:00
parent f470bc7cf8
commit e7ffae5329
No known key found for this signature in database
GPG key ID: 7E4060F2FBE5AB7A
2 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frontend/src/lib/xray/outbound-link-parser.ts
View file

@ -203,6 +203,8 @@ function applySecurityParams(stream: Raw, params: URLSearchParams): void {
tls.fingerprint = params.get('fp') ?? '';
const alpn = params.get('alpn');
if (alpn) tls.alpn = alpn.split(',');
tls.echConfigList = params.get('ech') ?? '';
tls.pinnedPeerCertSha256 = params.get('pcs') ?? '';
} else if (stream.security === 'reality') {
const reality = stream.realitySettings as Raw;
reality.serverName = params.get('sni') ?? '';

15
frontend/src/test/outbound-link-parser.test.ts
View file

@ -360,6 +360,21 @@ describe('parseVlessLink — extra / fm / x_padding_bytes (B20)', () => {
const stream = parsed!.streamSettings as Record<string, unknown>;
expect((stream.xhttpSettings as Record<string, unknown>).mode).toBe('auto');
});
it('round-trips ech and pcs from a TLS vless link', () => {
const ech = 'AFb+DQBSAAAgACAL7gYwrvaSFCIEs34G3SkfpuIbjMuYQxAiJsPK1oO7cwAkAAEAAQABAAIAAQADAAIAAQACAAIAAgADAAMAAQADAAIAAwADAAMxMjMAAA==';
const pcs = '6fbc15ba46dfed152ad6c8d2129dd774707dd667a9ab4965476fa0f79ba82670';
const link = 'vless://e3d307ae-c074-4aa3-af08-4f9e0f1d298b@localhost:15282?'
+ 'alpn=h3&ech=' + encodeURIComponent(ech) + '&encryption=none&fp=firefox&host=&'
+ 'mode=packet-up&path=%2F&pcs=' + pcs + '&security=tls&sni=123&type=xhttp#i5sboxj07w';
const parsed = parseVlessLink(link);
expect(parsed).not.toBeNull();
const tls = (parsed!.streamSettings as Record<string, unknown>).tlsSettings as Record<string, unknown>;
expect(tls.echConfigList).toBe(ech);
expect(tls.pinnedPeerCertSha256).toBe(pcs);
expect(tls.serverName).toBe('123');
expect(tls.fingerprint).toBe('firefox');
});
});
describe('parseWireguardLink', () => {